Zero-day affecting Windows 10, Windows 11, and Windows Server lets anyone gain administrator privileges

A new Windows zero-day that affects Windows 10, Windows 11, and Windows Server will allow anyone to gain administrative privileges on a device. It affects all supported versions of Windows and can allow an attacker with limited access to a device to easily elevate their privileges in order to spread across the network.
BleepingComputer has tested the exploit on Windows and was able to use it to open a command prompt with SYSTEM privileges from an account that only had “Standard” privileges. This vulnerability is a bypass to a patch rolled out by Microsoft in response to CVE-2021-41379 and was discovered by security researcher Abdelhamid Naceri. The patch was applied in this month’s Patch Tuesday release. Naceri released a proof-of-concept on GitHub that shows how to exploit the vulnerability, and BleepingComputer demonstrated how Naceri’s “InstallerFileTakeOver” exploit works in mere seconds to gain SYSTEM privileges. It was tested on Windows 10 21H1 build 19043.1348.

“This variant…

Written By: Adam Conway

Original Article:

Leave a Comment